Josh Drake, CTO and Geoffrey Leonard, CRO, presented Smallstep’s focus on device identity management. Josh introduced the concept of device identity management, emphasizing its importance in ensuring that only authentic devices can access sensitive resources through ACME device attestation. This technology leverages Trusted Platform Modules to enhance security and mitigate risks such as credential exfiltration and phishing.
Geoffrey provided practical examples of how this system verifies company-owned devices before granting access to applications, while also addressing the limitations of the existing SCEP standard, which relies on shared passwords for device trust. The goal is to facilitate zero-touch deployment, allowing organizations to ship devices directly to employees without prior provisioning.
The conversation also highlighted the balance between user experience and security, with both Josh and Geoffrey noting that organizations prioritize smooth onboarding processes to avoid user frustration.
